Computer Viruses
– Causes
– Cures
– Prevention practices
• Participant discussion
– Worst virus story
– What you hope to learn today
• Virus infections on computers, while not ‘life’ threatening, affect us in the workplace by:
– Slowing down - stopping production
– Diverting attention
• Virus prevention is a combination of:
– Knowledge
– Backups
– Anti-virus software
Vocabulary
• Terms
– Back Door
– Bug
– Firewall
– Hack
– Intrusion
– Signature Files
• Virus Types
– Trojan Horse
– Worm
– Macro
– Boot Sector
– Parasitic
History of Computer Viruses
• First viruses came from Bulgaria, possibly Pakistan
– Boot sector virus, spread from floppy to floppy
What Is a Virus?
• Executable computer code that has the ability to spread by replicating itself
– Part of the code can be destructive or mischievous
– > 40,000 identified viruses
– No computer is immune
– Millions of dollars spent in production loss and clean-up
Life Cycle of a Virus
• Creation
• Replication
• Activation
• Discovery
• Assimilation
• Eradication
Common Virus Types
• Boot Sector
• File Infector
• Multi-partite
• Macro
Boot Sector Virus
• Most common through 1980s and 1990s
– Spread via the boot sector on floppy disk to user’s hard drive
– ‘Sneakernet’ spread of virus was slow
– Virus removal simple
  • Boot from uninfected floppy
  • Replace MBR (master boot record)
File Infecting Viruses
• Parasitic viruses
– Operate in computer’s memory
– Infect executable files
  • .COM, .EXE, .SYS, .BIN
– Found in Macintosh, Pre-Windows PCs, computers with limited security
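An added example, not part of the original slides: because parasitic viruses modify the executable files they infect, a hash baseline of files with the extensions listed above reveals the change on the next comparison. The function names `snapshot` and `compare` are this example's own.

```python
import hashlib
import os

# Extensions the slide lists as targets of file-infecting viruses.
EXECUTABLE_EXTS = {".com", ".exe", ".sys", ".bin"}

def snapshot(root):
    """Map each executable's relative path to (size, SHA-256 hex digest)."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in EXECUTABLE_EXTS:
                continue
            path = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            rel = os.path.relpath(path, root)
            result[rel] = (os.path.getsize(path), digest.hexdigest())
    return result

def compare(baseline, current):
    """Return files that changed, appeared, or vanished since the baseline."""
    report = {"modified": [], "added": [], "removed": []}
    for rel, (size, digest) in current.items():
        if rel not in baseline:
            report["added"].append(rel)
        elif baseline[rel][1] != digest:
            # Record the size change as well: attached code usually grows the file.
            report["modified"].append((rel, size - baseline[rel][0]))
    report["removed"] = [rel for rel in baseline if rel not in current]
    for key in report:
        report[key].sort()
    return report

if __name__ == "__main__":
    import sys
    # Print a baseline for the directory given on the command line.
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for rel, (size, digest) in sorted(snapshot(root).items()):
        print(f"{digest}  {size:>10}  {rel}")
```

Take the baseline on a known-clean system and store it somewhere the monitored machine cannot write to, so an infection cannot rewrite the baseline as well.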
Multi-Partite Viruses
• Boot Sector virus characteristics
• File infecting virus characteristics
– Jerusalem Virus
– Parity Boot Virus
Macro Viruses
• 60-80 percent of all viruses
• Not specific to operating system
• Propagation:
– Email attachments
– Floppy disks
– Web downloads
– File transfers
• Melissa, Nimda, WM97
Sources of Infection
• Floppy disk
• ‘Shared’ applications
• Internet
– Web
• LAN
– Shared folders
WAN Delivery of Viruses
• Viruses can propagate very quickly over Internet
– Nimda propagated around the world in less than a week
• Harder to isolate and eradicate
– More factors involved
– More computers, systems involved
Protection and Management
• Isolate your data from your applications
– Application folder
– Data folder
• Keep your data on the file server
– Backup data daily
– Keep several backups
• Have a disaster recovery plan
– Operating system
– Applications
Protection and Management #2
• If using newer operating systems, do not log in with administrative permissions
• Use anti-virus software
– Maintain signature files weekly
• Keep operating system current
– Service patches
• Keep applications current
– Service patches
Common Sense Approach
• Do not open mail from unknown addressees
• Do not use pirated copies of software
• If you don’t know what a file does or who it is from, don’t execute it
• 99% of viruses need to be run
Post-Virus Recovery Procedure
• Isolate computer
– Try to identify virus
– Try to identify source
– Try to disinfect with anti-virus software
– Reinstall operating system
– Reinstall applications
Ten Immutable Laws of Security
• If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore
• If a bad guy can alter the operating system on your computer, it’s not your computer anymore
• If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore
If you allow a bad guy to upload programs to
Ten Immutable Laws, Cont'd
• A machine is only as secure as the administrator is trustworthy
• Encrypted data is only as secure as the decryption key
• An out of date virus scanner is only marginally better than no virus scanner at all
• Absolute anonymity isn’t practical, in real life or on the web
• Technology is not a panacea
Summary
• Viruses are a waste of time and money
• Form of cyber-terrorism
• Can be dealt with – common sense
• Start backing up your data
• Make sure your anti-virus signature files are current